Oracle Database Server Unified Audit Vulnerability Allowing Unauthorized Data Modification

Vulnerability

A vulnerability exists in the Unified Audit component of Oracle Database Server, affecting versions 19.3 through 19.27, 21.3 through 21.18, and 23.4 through 23.8. This easily exploitable vulnerability allows a high-privileged attacker with Create User privileges and network access via Oracle Net to compromise Unified Audit. Exploitation requires human interaction from a third party. Successful attacks could lead to unauthorized updates, inserts, or deletions of certain Unified Audit data.

Impact

Exploitation of this vulnerability could result in unauthorized modifications to Unified Audit data.

Added: Jul 15, 2025, 11:19 PM

Updated: Jul 15, 2025, 11:19 PM

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

0.6

exploitability

4.8

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

0.6

exploitability

4.8

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle Database Server Unified Audit Vulnerability Allowing Unauthorized Data Modification

Vulnerability

Impact

Affected Products

Oracle Database Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating